-
Notifications
You must be signed in to change notification settings - Fork 25.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Servers > HTTP.sys UE pass #5558
Conversation
Updates Updates Updates Update
18c191c
to
55590a8
Compare
@blowdart It's the changes to make-ssl-cert.md at the bottom of the file diffs ... scroll to the last one (https://github.com/aspnet/Docs/pull/5558/files). |
[!code-csharp[](httpsys/sample/Startup.cs?name=snippet_Configure&highlight=9-10)] | ||
|
||
An exception is thrown if you try to configure the limit on a request after the application has started reading the request. There's an `IsReadOnly` property that tells you if the `MaxRequestBodySize` property is in read-only state, meaning it's too late to configure the limit. | ||
1. If the app should override [MaxRequestBodySize](/dotnet/api/microsoft.aspnetcore.server.httpsys.httpsysoptions.maxrequestbodysize) per-request, use the [IHttpMaxRequestBodySizeFeature](/dotnet/api/microsoft.aspnetcore.http.features.ihttpmaxrequestbodysizefeature): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Doesn't this belong inside the MaxRequestBodySize description?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I wish it could, but the code breaks badly inside a table cell. Also, there was the length of the code block to consider. Even if I could get it to work, it would be one heck of a large table cell. Therefore, I dropped it in down here with a conditional ("If the app should ...") to get the disinterested readers to just move past it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Then pull all of MaxRequestBodySize out into its own section. It's confusing to split up.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah ... I like it. I'll leave it in the table, but I'll bookmark link it down to its own section.
ty @Tratcher Paging Mr. @blowdart ... Mr. Dart 🎯, please pickup the nearest courtesy telephone. You only need to check the changes to make-ssl-cert.md at the bottom of the file diffs ... scroll to the last one (https://github.com/aspnet/Docs/pull/5558/files). |
HTTP.sys is a [web server for ASP.NET Core](index.md) that runs only on Windows. It's built on the [Http.Sys kernel mode driver](https://msdn.microsoft.com/library/windows/desktop/aa364510.aspx). HTTP.sys is an alternative to [Kestrel](kestrel.md) that offers some features that Kestel doesn't. **HTTP.sys can't be used with IIS or IIS Express, as it's incompatible with the [ASP.NET Core Module](aspnet-core-module.md).** | ||
[HTTP.sys](/iis/get-started/introduction-to-iis/introduction-to-iis-architecture#hypertext-transfer-protocol-stack-httpsys) is a [web server for ASP.NET Core](xref:fundamentals/servers/index) that only runs on Windows. HTTP.sys is an alternative to [Kestrel](xref:fundamentals/servers/kestrel) and offers some features that Kestrel doesn't provide. | ||
|
||
**Important!** HTTP.sys is incompatible with the [ASP.NET Core Module](xref:fundamentals/servers/aspnet-core-module) and can't be used with IIS or IIS Express. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Use the "> [!IMPORTANT]" syntax for this, so it stands out a bit more.
|
||
The maximum number of concurrent open TCP connections can be set for the entire application with the following code in *Program.cs*: | ||
1. A package reference in the project file isn't required when using the [Microsoft.AspNetCore.All metapackage](xref:fundamentals/metapackage) ([nuget.org](https://www.nuget.org/packages/Microsoft.AspNetCore.All/)) (ASP.NET Core 2.0 or later). When not using the `Microsoft.AspNetCore.All` metapackage, add a package reference to [Microsoft.AspNetCore.Server.HttpSys](https://www.nuget.org/packages/Microsoft.AspNetCore.Server.HttpSys/). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's best to just say "metapackage", since there's a new "Microsoft.AspNetCore.App" metapackage in 2.1.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since there hasn't been agreement on the language yet for Replace ALL meta-package wit App Microsoft.AspNetCore.App - MD files only (#5314), perhaps we should wait. This topic will get swept up in the search for ".All" on the repo, so we know it will get addressed when #5314 is tackled.
|
||
If you use both `UseUrls` (or `urls` or ASPNETCORE_URLS) and `UrlPrefixes`, the settings in `UrlPrefixes` override the ones in `UseUrls`. For more information, see [Hosting](xref:fundamentals/hosting). | ||
1. Install the .NET Core or ASP.NET 4.x framework if the app is a [framework-dependent deployment](/dotnet/core/deploying/#framework-dependent-deployments-fdd). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Did you mean to say ".NET Framework" instead of "ASP.NET 4.x framework"?
|
||
HTTP.sys uses the [HTTP Server API UrlPrefix string formats](https://msdn.microsoft.com/library/windows/desktop/aa364698.aspx). | ||
* **.NET Core** – If the app requires .NET Core, obtain and run the .NET Core installer from [.NET Downloads](https://www.microsoft.com/net/download/windows). | ||
* **ASP.NET 4.x** – If the app requires ASP.NET 4.x, see [.NET Framework: Installation guide](/dotnet/framework/install/) to find installation instructions. Install the required ASP.NET 4.x framework. The installer for the latest ASP.NET 4.x framework can be found at [.NET Downloads](https://www.microsoft.com/net/download/windows). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Here again, I suspect you're talking about .NET Framework, not ASP.NET 4.x.
|
||
Both IIS and HTTP.sys rely on the underlying Http.Sys kernel mode driver to listen for requests and do initial processing. In IIS, the management UI gives you a relatively easy way to configure everything. However, you need to configure Http.Sys yourself. The built-in tool for doing that's *netsh.exe*. | ||
The settings in `UrlPrefixes` override `UseUrls`/`urls`/`ASPNETCORE_URLS` settings. Therefore, an advantage of `UseUrls`,`urls`, and the `ASPNETCORE_URLS` environment variable is that it's easier to switch between Kestrel and HTTP.sys. For more information on `UseUrls`, `urls`, and `ASPNETCORE_URLS`, see [Hosting](xref:fundamentals/hosting). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Add a space before urls
|
||
With *netsh.exe* you can reserve URL prefixes and assign SSL certificates. The tool requires administrative privileges. | ||
HTTP.sys uses the [HTTP Server API UrlPrefix string formats](https://msdn.microsoft.com/library/windows/desktop/aa364698.aspx). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is there a different link we can use? I'd prefer to avoid MSDN.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I looked when I was updating the links. Unfortunately, no. I can't find this content anywhere except on MSDN.
|
||
Here are some third-party tools that can be easier to use than the *netsh.exe* command line. These are not provided by or endorsed by Microsoft. The tools run as administrator by default, since *netsh.exe* itself requires administrator privileges. | ||
* [Netsh Commands for Hypertext Transfer Protocol (HTTP)](https://technet.microsoft.com/library/cc725882.aspx) | ||
* [UrlPrefix Strings](https://msdn.microsoft.com/library/windows/desktop/aa364698.aspx) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is MSDN the only source of this info?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unfortunately, that's correct ... MSDN or bust! 😢
* [SelfCert](https://www.pluralsight.com/blog/software-development/selfcert-create-a-self-signed-certificate-interactively-gui-or-programmatically-in-net) | ||
* [OpenSSL](https://www.openssl.org/) | ||
|
||
On macOS and Linux, self-signed certificates can be created using [OpenSSL](https://www.openssl.org/). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You can probably remove the link on the 2nd occurrence of OpenSSL. You already linked to it in the list above.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
True, but it reads "on Windows" and then "On mac and Linux." I'm concerned the Mac/Linux reader will just flat out skip that whole first bit and jump drop down to the "On macOS and Linux" bit.
Let me try a different setup of this content on the next commit that might fix it so that there's only one link to OpenSSL.
@scottaddie ty ... updates made. 👍 |
The only change I'd make is to put powershell first for windows. Making people using OpenSSL on Windows is just awful. I'm not sure I'd recommend SelfCert either, we haven't reviewed it. https://gist.github.com/blowdart/1cb907b68ed56bcf8498c16faff4221c creates the cert correctly, and trusts it on the VS dev ports, so it's a good starting point. Note that none of this will work with the 2.1 pieces, as there's an OID used for discovery - @javiercn will have details. |
@blowdart See how it looks now.
Both files are at the bottom of the file diffs: https://github.com/aspnet/Docs/pull/5558/files |
Update
e2892b6
to
1d34443
Compare
LGTM now |
ty @blowdart @Rick-Anderson Any CELA or support concerns over the markdown comment? ...
or the script comment? ...
|
Fixes #5549
Internal Review Topic
Did quite a lot of work on this one (and thus added myself to the authors list at the end):
[INCLUDE]
. We'll need @blowdart to take a look at what I did there.Doc structure overhaul
The current outline goes something like this ...
To make the topic flow in a step-by-step way, I restructured it to this ...
UrlPrefixes
because the config can be done in both spots)